diff --git a/lib/Alchemy/Phrasea/Controller/Admin/Collection.php b/lib/Alchemy/Phrasea/Controller/Admin/Collection.php index 686fc43f94..5853314576 100644 --- a/lib/Alchemy/Phrasea/Controller/Admin/Collection.php +++ b/lib/Alchemy/Phrasea/Controller/Admin/Collection.php @@ -26,7 +26,8 @@ class Collection implements ControllerProviderInterface $controllers = $app['controllers_factory']; $controllers->before(function(Request $request) use ($app) { - $app['firewall']->requireRightOnBase($app['request']->attributes->get('bas_id'), 'canadmin'); + $app['firewall']->requireAccessToModule('admin') + ->requireRightOnBase($app['request']->attributes->get('bas_id'), 'canadmin'); }); /** diff --git a/lib/Alchemy/Phrasea/Controller/Admin/Databoxes.php b/lib/Alchemy/Phrasea/Controller/Admin/Databoxes.php index 1c716e3a43..f7c1ac9870 100644 --- a/lib/Alchemy/Phrasea/Controller/Admin/Databoxes.php +++ b/lib/Alchemy/Phrasea/Controller/Admin/Databoxes.php @@ -30,7 +30,7 @@ class Databoxes implements ControllerProviderInterface $controllers = $app['controllers_factory']; $controllers->before(function(Request $request) use ($app) { - $app['firewall']->requireAdmin(); + $app['firewall']->requireAccessToModule('admin'); }); @@ -65,7 +65,10 @@ class Databoxes implements ControllerProviderInterface * return : Redirect Response */ $controllers->post('/', $this->call('createDatabase')) - ->bind('admin_database_new'); + ->bind('admin_database_new') + ->before(function(Request $request) use ($app) { + $app['firewall']->requireAdmin(); + }); /** * Mount a database @@ -81,7 +84,10 @@ class Databoxes implements ControllerProviderInterface * return : Redirect Response */ $controllers->post('/mount/', $this->call('databaseMount')) - ->bind('admin_database_mount'); + ->bind('admin_database_mount') + ->before(function(Request $request) use ($app) { + $app['firewall']->requireAdmin(); + }); /** * Upgrade all databases 
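Review bot: In Admin/Databoxes.php the group-level guard drops from `requireAdmin()` to `requireAccessToModule('admin')`, so every route of this provider without its own hook is now reachable without the admin flag. Only the three POST routes visible in these hunks (`/`, `/mount/`, `/upgrade/`) re-add `requireAdmin()`. Routes registered outside the hunks cannot be checked from here, so each should be confirmed safe for a non-admin who holds module access. The three identical closures could be one variable, `$requireAdmin = function() use ($app) { $app['firewall']->requireAdmin(); };`, passed to each `->before($requireAdmin)`, which makes a missed route easier to spot.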
@@ -97,7 +103,10 @@ class Databoxes implements ControllerProviderInterface * return : Redirect Response */ $controllers->post('/upgrade/', $this->call('databasesUpgrade')) - ->bind('admin_databases_upgrade'); + ->bind('admin_databases_upgrade') + ->before(function(Request $request) use ($app) { + $app['firewall']->requireAdmin(); + }); return $controllers; } @@ -111,11 +120,7 @@ class Databoxes implements ControllerProviderInterface */ public function getDatabases(Application $app, Request $request) { - $createBase = $mountBase = $upgradeAvailable = false; - - if ($app['phraseanet.appbox']->upgradeavailable()) { - $upgradeAvailable = true; - } + $createBase = $mountBase = false; $sbasIds = array_merge( array_keys($app['phraseanet.user']->ACL()->get_granted_sbas(array('bas_manage'))) @@ -133,9 +138,6 @@ class Databoxes implements ControllerProviderInterface try { $databox = $app['phraseanet.appbox']->get_databox($sbasId); - if ($databox->upgradeavailable()) { - $upgradeAvailable = true; - } $sbas[$sbasId] = array( 'version' => $databox->get_version(), @@ -183,7 +185,6 @@ class Databoxes implements ControllerProviderInterface return $app['twig']->render('admin/databases.html.twig', array( 'files' => new \DirectoryIterator($app['phraseanet.registry']->get('GV_RootPath') . 'lib/conf.d/data_templates'), 'sbas' => $sbas, - 'upgrade_available' => $upgradeAvailable, 'error_msg' => $errorMsg, 'recommendations' => $upgrader->getRecommendations(), 'advices' => $request->query->get('advices', array()), diff --git a/lib/Alchemy/Phrasea/Controller/Admin/Description.php b/lib/Alchemy/Phrasea/Controller/Admin/Description.php index a882992adb..adb890a764 100644 --- a/lib/Alchemy/Phrasea/Controller/Admin/Description.php +++ b/lib/Alchemy/Phrasea/Controller/Admin/Description.php 
@@ -30,23 +30,18 @@ class Description implements ControllerProviderInterface { $controllers = $app['controllers_factory']; + $controllers->before(function(Request $request) use ($app) { + $app['firewall']->requireAccessToModule('admin') + ->requireRightOnSbas($request->attributes->get('sbas_id'), 'bas_modify_struct'); + }); + $controllers->get('/metadatas/search/', $this->call('metadataTypeAhead')); $controllers->post('/{sbas_id}/', $this->call('updateDataboxStructure')) - ->before(function(Request $request) use ($app) { - if (false === $app['phraseanet.user']->ACL() - ->has_right_on_sbas($request->attributes->get('sbas_id'), 'bas_modify_struct')) { - throw new AccessDeniedHttpException('You are not allowed to access this zone'); - } - })->assert('sbas_id', '\d+'); + ->assert('sbas_id', '\d+'); $controllers->get('/{sbas_id}/', $this->call('getDataboxStructure')) - ->before(function(Request $request) use ($app) { - if (false === $app['phraseanet.user']->ACL() - ->has_right_on_sbas($request->attributes->get('sbas_id'), 'bas_modify_struct')) { - throw new AccessDeniedHttpException('You are not allowed to access this zone'); - } - })->assert('sbas_id', '\d+'); + ->assert('sbas_id', '\d+'); return $controllers; } diff --git a/lib/Alchemy/Phrasea/Controller/Admin/Fields.php b/lib/Alchemy/Phrasea/Controller/Admin/Fields.php index fe3d0bb884..1f4f3ac3d0 100644 --- a/lib/Alchemy/Phrasea/Controller/Admin/Fields.php +++ b/lib/Alchemy/Phrasea/Controller/Admin/Fields.php @@ -28,6 +28,10 @@ class Fields implements ControllerProviderInterface { $controllers = $app['controllers_factory']; + $controllers->before(function(Request $request) use ($app) { + $app['firewall']->requireAccessToModule('admin'); + }); + $controllers->get('/checkmulti/', function(PhraseaApplication $app, Request $request) { $multi = ($request->query->get('multi') === 'true'); 
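Review bot: In Admin/Description.php the new group-level hook passes `$request->attributes->get('sbas_id')` to `requireRightOnSbas()`, but `/metadatas/search/` is registered on the same collection and has no `{sbas_id}` placeholder, so the check receives `null` there. How `requireRightOnSbas()` treats `null` is not visible in this diff; presumably it either rejects every type-ahead request or evaluates the right against an undefined databox. Keeping module access at group level and attaching the databox right only to the two `{sbas_id}` routes avoids both outcomes. The same pattern is added in Subdefs.php (`sbas_id`) and Collection.php (`bas_id`), whose full route lists are outside their hunks; the enclosing method here also starts outside the hunk.

```php
$controllers->before(function(Request $request) use ($app) {
    $app['firewall']->requireAccessToModule('admin');
});

// Applied only to routes that carry {sbas_id}; /metadatas/search/ has none.
$requireStructureRight = function(Request $request) use ($app) {
    $app['firewall']->requireRightOnSbas($request->attributes->get('sbas_id'), 'bas_modify_struct');
};

$controllers->get('/metadatas/search/', $this->call('metadataTypeAhead'));

$controllers->post('/{sbas_id}/', $this->call('updateDataboxStructure'))
    ->before($requireStructureRight)
    ->assert('sbas_id', '\d+');

$controllers->get('/{sbas_id}/', $this->call('getDataboxStructure'))
    ->before($requireStructureRight)
    ->assert('sbas_id', '\d+');
```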
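Review bot: The hook added in Admin/Fields.php checks only `requireAccessToModule('admin')`, while Description.php and Subdefs.php in this same commit also require `bas_modify_struct` on the target databox. Only `/checkmulti/` is visible in this hunk, so it is an assumption that the remaining Fields routes take an `sbas_id` and change databox structure. If they do, they need the same `requireRightOnSbas(..., 'bas_modify_struct')` check, attached per route. A short comment above the hook saying where the per-databox right is enforced for these routes would settle the question for the next reader.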
diff --git a/lib/Alchemy/Phrasea/Controller/Admin/Publications.php b/lib/Alchemy/Phrasea/Controller/Admin/Publications.php index 766962eb39..5c09b3708d 100644 --- a/lib/Alchemy/Phrasea/Controller/Admin/Publications.php +++ b/lib/Alchemy/Phrasea/Controller/Admin/Publications.php @@ -28,6 +28,13 @@ class Publications implements ControllerProviderInterface { $controllers = $app['controllers_factory']; + /** + * TODO NEUTRON verifier correlation avec tree + */ + $controllers->before(function(Request $request) use ($app) { + $app['firewall']->requireAccessToModule('admin'); + }); + $controllers->get('/list/', function(PhraseaApplication $app) { $feeds = \Feed_Collection::load_all( diff --git a/lib/Alchemy/Phrasea/Controller/Admin/Subdefs.php b/lib/Alchemy/Phrasea/Controller/Admin/Subdefs.php index e018ad8d06..721ecb6ff7 100644 --- a/lib/Alchemy/Phrasea/Controller/Admin/Subdefs.php +++ b/lib/Alchemy/Phrasea/Controller/Admin/Subdefs.php @@ -28,6 +28,11 @@ class Subdefs implements ControllerProviderInterface $controllers = $app['controllers_factory']; + $controllers->before(function(Request $request) use ($app) { + $app['firewall']->requireAccessToModule('admin') + ->requireRightOnSbas($request->attributes->get('sbas_id'), 'bas_modify_struct'); + }); + $controllers->get('/{sbas_id}/', function(Application $app, $sbas_id) { $databox = $app['phraseanet.appbox']->get_databox((int) $sbas_id); diff --git a/lib/Alchemy/Phrasea/Controller/Admin/TaskManager.php b/lib/Alchemy/Phrasea/Controller/Admin/TaskManager.php index 4d71dd19e9..b6f0fa7b4d 100644 --- a/lib/Alchemy/Phrasea/Controller/Admin/TaskManager.php +++ b/lib/Alchemy/Phrasea/Controller/Admin/TaskManager.php 
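Review bot: The comment added in Admin/Publications.php, `TODO NEUTRON verifier correlation avec tree`, marks the new access rule as unverified, and the hook under it checks only `requireAccessToModule('admin')` with no publication-specific right. As written, any user with admin-module access reaches every route of this provider; the route list continues outside the hunk. The TODO should be in English and say what remains to be checked, for example `// TODO: confirm this rule matches the condition under which the admin tree shows the publications entry`. Reading "tree" as the admin navigation tree is my assumption.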
@@ -24,6 +24,10 @@ class TaskManager implements ControllerProviderInterface { $controllers = $app['controllers_factory']; + $controllers->before(function(Request $request) use ($app) { + $app['firewall']->requireAdmin(); + }); + $controllers->get('/', function(Application $app, Request $request) { return $app->redirect('/admin/task-manager/tasks/'); }); diff --git a/lib/Alchemy/Phrasea/Controller/Admin/Users.php b/lib/Alchemy/Phrasea/Controller/Admin/Users.php index b272ea0fc4..a863ee8466 100644 --- a/lib/Alchemy/Phrasea/Controller/Admin/Users.php +++ b/lib/Alchemy/Phrasea/Controller/Admin/Users.php @@ -29,6 +29,11 @@ class Users implements ControllerProviderInterface { $controllers = $app['controllers_factory']; + $controllers->before(function(Request $request) use ($app) { + $app['firewall']->requireAccessToModule('admin') + ->requireRight('manageusers'); + }); + $controllers->post('/rights/', function(Application $app) { $rights = new UserHelper\Edit($app, $app['request']); diff --git a/lib/Alchemy/Phrasea/Controller/Prod/Feed.php b/lib/Alchemy/Phrasea/Controller/Prod/Feed.php index b9c4b4137e..5398eddcc5 100644 --- a/lib/Alchemy/Phrasea/Controller/Prod/Feed.php +++ b/lib/Alchemy/Phrasea/Controller/Prod/Feed.php @@ -29,6 +29,10 @@ class Feed implements ControllerProviderInterface { $controllers = $app['controllers_factory']; + $controllers->before(function(Request $request) use ($app) { + $app['firewall']->requireAuthentication(); + }); + /** * I got a selection of docs, which publications are available forthese docs ? */ @@ -65,6 +69,8 @@ class Feed implements ControllerProviderInterface } return $app->json($datas); + })->before(function(Request $request) use ($app) { + $app['firewall']->requireRight('bas_chupub'); }); $controllers->get('/entry/{id}/edit/', function(Application $app, Request $request, $id) { 
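Review bot: In Prod/Feed.php the closure calling `requireRight('bas_chupub')` is pasted onto four routes, so a route added later can easily miss it. The four are the route ending in hunk `@@ -65,6 +69,8 @@` (its start is outside the hunk) and `/entry/{id}/edit/`, `/entry/{id}/update/` and `/entry/{id}/delete/` in the next three hunks. Defining it once, `$requirePublish = function() use ($app) { $app['firewall']->requireRight('bas_chupub'); };`, and passing `->before($requirePublish)` keeps them in step. `requireRight()` receives no feed or entry id here, so it appears to be a global right. Whether the caller may act on the specific entry `{id}` still has to be checked inside each handler, which these hunks do not show.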
@@ -79,7 +85,10 @@ class Feed implements ControllerProviderInterface $datas = $app['twig']->render('prod/actions/publish/publish_edit.html.twig', array('entry' => $entry, 'feeds' => $feeds)); return new Response($datas); - })->assert('id', '\d+'); + })->assert('id', '\d+') + ->before(function(Request $request) use ($app) { + $app['firewall']->requireRight('bas_chupub'); + }); $controllers->post('/entry/{id}/update/', function(Application $app, Request $request, $id) { $datas = array('error' => true, 'message' => '', 'datas' => ''); @@ -150,7 +159,9 @@ class Feed implements ControllerProviderInterface } return $app->json($datas); - })->assert('id', '\d+'); + })->assert('id', '\d+')->before(function(Request $request) use ($app) { + $app['firewall']->requireRight('bas_chupub'); + }); $controllers->post('/entry/{id}/delete/', function(Application $app, Request $request, $id) { $datas = array('error' => true, 'message' => ''); @@ -177,7 +188,9 @@ class Feed implements ControllerProviderInterface } return $app->json($datas); - })->assert('id', '\d+'); + })->assert('id', '\d+')->before(function(Request $request) use ($app) { + $app['firewall']->requireRight('bas_chupub'); + }); $controllers->get('/', function(Application $app, Request $request) { $request = $app['request']; diff --git a/lib/Alchemy/Phrasea/Controller/Prod/Lazaret.php b/lib/Alchemy/Phrasea/Controller/Prod/Lazaret.php index d271d41e82..679bfd2fec 100644 --- a/lib/Alchemy/Phrasea/Controller/Prod/Lazaret.php +++ b/lib/Alchemy/Phrasea/Controller/Prod/Lazaret.php @@ -41,6 +41,11 @@ class Lazaret implements ControllerProviderInterface { $controllers = $app['controllers_factory']; + $controllers->before(function(Request $request) use ($app) { + $app['firewall']->requireAuthentication() + ->requireRight('addrecord'); + }); + /** * Lazaret Elements route * diff --git a/lib/Alchemy/Phrasea/Controller/Prod/MoveCollection.php b/lib/Alchemy/Phrasea/Controller/Prod/MoveCollection.php index 8784241efb..7f6923cc15 100644 
--- a/lib/Alchemy/Phrasea/Controller/Prod/MoveCollection.php +++ b/lib/Alchemy/Phrasea/Controller/Prod/MoveCollection.php @@ -28,6 +28,12 @@ class MoveCollection implements ControllerProviderInterface { $controllers = $app['controllers_factory']; + $controllers->before(function(Request $request) use ($app) { + $app['firewall']->requireAuthentication() + ->requireRight('addrecord') + ->requireRight('deleterecord'); + }); + $controllers->post('/', $this->call('displayForm')); $controllers->post('/apply/', $this->call('apply')); diff --git a/lib/Alchemy/Phrasea/Controller/Prod/Order.php b/lib/Alchemy/Phrasea/Controller/Prod/Order.php index 2f3fe49fb5..15cddb0c9f 100644 --- a/lib/Alchemy/Phrasea/Controller/Prod/Order.php +++ b/lib/Alchemy/Phrasea/Controller/Prod/Order.php @@ -35,6 +35,11 @@ class Order implements ControllerProviderInterface { $controllers = $app['controllers_factory']; + $controllers->before(function(Request $request) use ($app) { + $app['firewall']->requireAuthentication() + ->requireRight('order'); + }); + /** * List all orders * @@ -50,7 +55,7 @@ class Order implements ControllerProviderInterface */ $controllers->get('/', $this->call('displayOrders')) ->before(function(Request $request) use ($app) { - $app['firewall']->requireOrdersAdmin($app); + $app['firewall']->requireOrdersAdmin(); }) ->bind('prod_orders'); @@ -85,7 +90,7 @@ class Order implements ControllerProviderInterface */ $controllers->get('/{order_id}/', $this->call('displayOneOrder')) ->before(function(Request $request) use ($app) { - $app['firewall']->requireOrdersAdmin($app); + $app['firewall']->requireOrdersAdmin(); }) ->bind('prod_order') ->assert('order_id', '\d+'); 
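Review bot: The group-level hook added in Prod/Order.php requires the `order` right on every route, including `/`, `/{order_id}/`, `/{order_id}/send/` and `/{order_id}/deny/`, which already carry `requireOrdersAdmin()`. If `order` is the right to place an order (an assumption; its definition is not in this diff), a user who only administers orders would now be refused on the admin routes. Either way the hook should carry a comment stating the intended combination, e.g. `// every order route needs 'order'; admin routes additionally need requireOrdersAdmin()`.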
@@ -105,7 +110,7 @@ class Order implements ControllerProviderInterface */ $controllers->post('/{order_id}/send/', $this->call('sendOrder')) ->before(function(Request $request) use ($app) { - $app['firewall']->requireOrdersAdmin($app); + $app['firewall']->requireOrdersAdmin(); }) ->bind('prod_order_send') ->assert('order_id', '\d+'); @@ -125,7 +130,7 @@ class Order implements ControllerProviderInterface */ $controllers->post('/{order_id}/deny/', $this->call('denyOrder')) ->before(function(Request $request) use ($app) { - $app['firewall']->requireOrdersAdmin($app); + $app['firewall']->requireOrdersAdmin(); }) ->bind('prod_order_deny') ->assert('order_id', '\d+'); diff --git a/lib/Alchemy/Phrasea/Controller/Prod/Push.php b/lib/Alchemy/Phrasea/Controller/Prod/Push.php index 2f9c284d00..3200b683c9 100644 --- a/lib/Alchemy/Phrasea/Controller/Prod/Push.php +++ b/lib/Alchemy/Phrasea/Controller/Prod/Push.php @@ -95,6 +95,11 @@ class Push implements ControllerProviderInterface { $controllers = $app['controllers_factory']; + $controllers->before(function(Request $request) use ($app) { + $app['firewall']->requireAuthentication() + ->requireRight('push'); + }); + $userFormatter = $this->getUserFormatter(); $listFormatter = $this->getListFormatter(); diff --git a/lib/Alchemy/Phrasea/Controller/Prod/Root.php b/lib/Alchemy/Phrasea/Controller/Prod/Root.php index 884e784e8a..fb4aa66293 100644 --- a/lib/Alchemy/Phrasea/Controller/Prod/Root.php +++ b/lib/Alchemy/Phrasea/Controller/Prod/Root.php @@ -14,7 +14,6 @@ namespace Alchemy\Phrasea\Controller\Prod; use Silex\Application; use Silex\ControllerProviderInterface; use Symfony\Component\HttpFoundation\Request; -use Symfony\Component\HttpFoundation\Response; use Symfony\Component\Finder\Finder; use Alchemy\Phrasea\Helper; 
@@ -31,6 +30,14 @@ class Root implements ControllerProviderInterface $controllers = $app['controllers_factory']; $controllers->before(function(Request $request) use ($app) { + + if (!$app->isAuthenticated() && null !== $request->query->get('nolog') && \phrasea::guest_allowed($app)) { + $auth = new Session_Authentication_Guest($app); + $app->openAccount($auth); + + return $app->redirect('/prod/'); + } + $app['firewall']->requireAuthentication(); }); diff --git a/lib/Alchemy/Phrasea/Controller/Prod/Story.php b/lib/Alchemy/Phrasea/Controller/Prod/Story.php index 20f80b4a54..af00cb0953 100644 --- a/lib/Alchemy/Phrasea/Controller/Prod/Story.php +++ b/lib/Alchemy/Phrasea/Controller/Prod/Story.php @@ -29,6 +29,10 @@ class Story implements ControllerProviderInterface { $controllers = $app['controllers_factory']; + $controllers->before(function(Request $request) use ($app) { + $app['firewall']->requireAuthentication(); + }); + $controllers->get('/create/', function(Application $app) { return $app['twig']->render('prod/Story/Create.html.twig', array()); }); diff --git a/lib/Alchemy/Phrasea/Controller/Prod/TOU.php b/lib/Alchemy/Phrasea/Controller/Prod/TOU.php index b06905a4a1..4eec8cbb9c 100644 --- a/lib/Alchemy/Phrasea/Controller/Prod/TOU.php +++ b/lib/Alchemy/Phrasea/Controller/Prod/TOU.php @@ -27,6 +27,10 @@ class TOU implements ControllerProviderInterface { $controllers = $app['controllers_factory']; + $controllers->before(function(Request $request) use ($app) { + $app['firewall']->requireAuthentication(); + }); + $controllers->post('/deny/{sbas_id}/', function(Application $app, Request $request, $sbas_id) { $ret = array('success' => false, 'message' => ''); diff --git a/lib/Alchemy/Phrasea/Controller/Prod/Tools.php b/lib/Alchemy/Phrasea/Controller/Prod/Tools.php index 13c6fef5ad..9a05546f6c 100644 --- a/lib/Alchemy/Phrasea/Controller/Prod/Tools.php +++ b/lib/Alchemy/Phrasea/Controller/Prod/Tools.php 
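Review bot: `new Session_Authentication_Guest($app)` in the Prod/Root.php hook is unqualified inside `namespace Alchemy\Phrasea\Controller\Prod`, so PHP resolves it to `Alchemy\Phrasea\Controller\Prod\Session_Authentication_Guest`. The `\phrasea::guest_allowed($app)` call just before it is written with the leading backslash. Unless a matching `use` sits outside the visible import lines, the guest branch fails with a class-not-found error; it should read `$auth = new \Session_Authentication_Guest($app);`. Because this is the group-level hook, the `nolog` parameter opens a guest session from any route of this provider, not only the landing page, which deserves a comment if intended.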
@@ -16,7 +16,6 @@ use DataURI; use Silex\Application; use Silex\ControllerProviderInterface; use Symfony\Component\HttpFoundation\Request; -use Symfony\Component\HttpFoundation\Response; /** * @@ -30,6 +29,11 @@ class Tools implements ControllerProviderInterface { $controllers = $app['controllers_factory']; + $controllers->before(function(Request $request) use ($app) { + $app['firewall']->requireAuthentication() + ->requireRight('doctools'); + }); + $controllers->get('/', function(Application $app, Request $request) { $records = RecordsRequest::fromRequest($app, $request, false); diff --git a/lib/Alchemy/Phrasea/Controller/Prod/Upload.php b/lib/Alchemy/Phrasea/Controller/Prod/Upload.php index bad80c740f..a4181349c6 100644 --- a/lib/Alchemy/Phrasea/Controller/Prod/Upload.php +++ b/lib/Alchemy/Phrasea/Controller/Prod/Upload.php @@ -41,6 +41,11 @@ class Upload implements ControllerProviderInterface { $controllers = $app['controllers_factory']; + $controllers->before(function(Request $request) use ($app) { + $app['firewall']->requireAuthentication() + ->requireRight('addrecord'); + }); + /** * Upload form route * diff --git a/lib/Alchemy/Phrasea/Controller/Prod/UsrLists.php b/lib/Alchemy/Phrasea/Controller/Prod/UsrLists.php index 904d1de2b8..9d1ec87ad1 100644 --- a/lib/Alchemy/Phrasea/Controller/Prod/UsrLists.php +++ b/lib/Alchemy/Phrasea/Controller/Prod/UsrLists.php @@ -32,6 +32,10 @@ class UsrLists implements ControllerProviderInterface { $controllers = $app['controllers_factory']; + $controllers->before(function(Request $request) use ($app) { + $app['firewall']->requireAuthentication(); + }); + /** * Get all lists */ diff --git a/lib/Alchemy/Phrasea/Controller/Root/Developers.php b/lib/Alchemy/Phrasea/Controller/Root/Developers.php index e95626ab01..d0761616d9 100644 --- a/lib/Alchemy/Phrasea/Controller/Root/Developers.php +++ b/lib/Alchemy/Phrasea/Controller/Root/Developers.php 
@@ -31,7 +31,7 @@ class Developers implements ControllerProviderInterface $controllers = $app['controllers_factory']; $controllers->before(function() use ($app) { - $app['firewall']->requireAuthentication($app); + $app['firewall']->requireAuthentication(); }); /** diff --git a/lib/Alchemy/Phrasea/Controller/Root/Login.php b/lib/Alchemy/Phrasea/Controller/Root/Login.php index 4c0d89c4b0..dfe0a572ec 100644 --- a/lib/Alchemy/Phrasea/Controller/Root/Login.php +++ b/lib/Alchemy/Phrasea/Controller/Root/Login.php @@ -53,9 +53,7 @@ class Login implements ControllerProviderInterface */ $controllers->get('/', $this->call('login')) ->before(function(Request $request) use ($app) { - if ($app->isAuthenticated()) { - return $app->redirect('/' . $request->query->get('redirect', 'prod') . '/'); - } + $app['firewall']->requireNotAuthenticated(); if (null !== $request->query->get('postlog')) { @@ -85,7 +83,9 @@ class Login implements ControllerProviderInterface * return : HTML Response */ $controllers->post('/authenticate/', $this->call('authenticate')) - ->bind('login_authenticate'); + ->before(function(Request $request) use ($app) { + $app['firewall']->requireNotAuthenticated(); + })->bind('login_authenticate'); /** * Logout @@ -101,7 +101,9 @@ class Login implements ControllerProviderInterface * return : HTML Response */ $controllers->get('/logout/', $this->call('logout')) - ->bind('logout'); + ->before(function(Request $request) use ($app) { + $app['firewall']->requireAuthentication(); + })->bind('logout'); /** * Register a new user @@ -117,7 +119,9 @@ class Login implements ControllerProviderInterface * return : HTML Response */ $controllers->get('/register/', $this->call('displayRegisterForm')) - ->bind('login_register'); + ->before(function(Request $request) use ($app) { + $app['firewall']->requireNotAuthenticated(); + })->bind('login_register'); /** * Register a new user 
@@ -133,7 +137,9 @@ class Login implements ControllerProviderInterface * return : HTML Response */ $controllers->post('/register/', $this->call('register')) - ->bind('submit_login_register'); + ->before(function(Request $request) use ($app) { + $app['firewall']->requireNotAuthenticated(); + })->bind('submit_login_register'); /** * Register confirm @@ -149,7 +155,9 @@ class Login implements ControllerProviderInterface * return : HTML Response */ $controllers->get('/register-confirm/', $this->call('registerConfirm')) - ->bind('login_register_confirm'); + ->before(function(Request $request) use ($app) { + $app['firewall']->requireNotAuthenticated(); + })->bind('login_register_confirm'); /** * Send confirmation mail @@ -165,7 +173,9 @@ class Login implements ControllerProviderInterface * return : HTML Response */ $controllers->get('/send-mail-confirm/', $this->call('sendConfirmMail')) - ->bind('login_send_mail'); + ->before(function(Request $request) use ($app) { + $app['firewall']->requireNotAuthenticated(); + })->bind('login_send_mail'); /** * Forgot password @@ -181,7 +191,9 @@ class Login implements ControllerProviderInterface * return : HTML Response */ $controllers->get('/forgot-password/', $this->call('displayForgotPasswordForm')) - ->bind('login_forgot_password'); + ->before(function(Request $request) use ($app) { + $app['firewall']->requireNotAuthenticated(); + })->bind('login_forgot_password'); /** * Renew password @@ -197,7 +209,9 @@ class Login implements ControllerProviderInterface * return : HTML Response */ $controllers->post('/forgot-password/', $this->call('renewPassword')) - ->bind('submit_login_forgot_password'); + ->before(function(Request $request) use ($app) { + $app['firewall']->requireNotAuthenticated(); + })->bind('submit_login_forgot_password'); return $controllers; } 
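Review bot: `requireNotAuthenticated()` is now attached to `/register-confirm/` and `/send-mail-confirm/` (hunks `@@ -149,7 +155,9 @@` and `@@ -165,7 +173,9 @@` of Root/Login.php), which by their route comments belong to the e-mail confirmation flow. A visitor who already has a session in that browser is redirected to `/prod/` before the handler runs, so the confirmation request is presumably never processed; the handlers themselves are outside the hunks. If confirmation should work regardless of session state, these two routes should not carry the hook. Otherwise add a comment such as `// confirmation links are ignored while a session is open` so the behaviour is explicit.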
@@ -826,8 +840,7 @@ class Login implements ControllerProviderInterface $sql = "SELECT session_id FROM cache - WHERE (lastaccess < DATE_SUB(NOW(), INTERVAL 1 MONTH) AND token IS NOT NULL) - OR (lastaccess < DATE_SUB(NOW(), INTERVAL 30 MINUTE) AND token IS NULL)"; + WHERE lastaccess < DATE_SUB(NOW(), INTERVAL 1 MONTH)"; $stmt = $conn->prepare($sql); $stmt->execute(); diff --git a/lib/Alchemy/Phrasea/Security/Firewall.php b/lib/Alchemy/Phrasea/Security/Firewall.php index 718a473efc..0c124c29d0 100644 --- a/lib/Alchemy/Phrasea/Security/Firewall.php +++ b/lib/Alchemy/Phrasea/Security/Firewall.php @@ -16,7 +16,7 @@ class Firewall public function requireSetUp() { if (!$this->app['phraseanet.configuration-tester']->isInstalled()) { - $this->app->abort(403, 'Phraseanet is not installed', array('X-Phraseanet-Redirect' => '/setup/')); + $this->app->abort(302, 'Phraseanet is not installed', array('X-Phraseanet-Redirect' => '/setup/')); } return null; @@ -113,7 +113,16 @@ class Firewall public function requireAuthentication() { if (!$this->app->isAuthenticated()) { - $this->app->abort(403, 'You are not authenticated', array('X-Phraseanet-Redirect' => '/login/')); + $this->app->abort(302, 'You are not authenticated', array('X-Phraseanet-Redirect' => '/login/')); + } + + return $this; + } + + public function requireNotAuthenticated() + { + if ($this->app->isAuthenticated()) { + $this->app->abort(302, 'You are authenticated', array('X-Phraseanet-Redirect' => '/prod/')); } return $this;
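Review bot: The rewritten query in Root/Login.php (`@@ -826,8 +840,7 @@`) no longer selects rows with `token IS NULL` after 30 minutes, so cache rows without a token are now kept for a month like those with one. If this cleanup is what ends idle sessions that have no token, their idle lifetime grows from 30 minutes to one month; the surrounding function is outside the hunk, so that is an assumption. If the short idle window is enforced elsewhere, say so above the query, e.g. `// purge only: rows older than one month, with or without a token; idle timeout is handled elsewhere`. Otherwise the `token IS NULL` clause should stay.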
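Review bot: `requireSetUp()`, `requireAuthentication()` and the new `requireNotAuthenticated()` in Security/Firewall.php now abort with status 302 but still carry the target in `X-Phraseanet-Redirect` rather than `Location`. Nothing in this diff shows the handler that turns that header into a real redirect. Without one, a browser receives a 302 it cannot follow. With one, a script calling a protected endpoint can no longer tell "not authenticated" from a normal response, as it could with the previous 403. `requireNotAuthenticated()` also has no docblock; it should state that it aborts with a redirect to `/prod/` when a session exists and returns `$this` for chaining otherwise.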